Windows Client UPDATE, July 31, 2003

==== This Issue Sponsored By ====

Software Pursuits, Inc.

Insider Training


1. Commentary: Problems with Network and System Upgrades

2. News & Views - Microsoft Patches Leave Systems Insecure and Break RAS 3. Announcements - Exchange 2003: Do You Plan to Migrate or Wait? - Windows & .NET Magazine Connections Launches Exchange Event

4. Resources - Tip: Working Around OS Reactivation in XP - Featured Thread: Problem with Group Policy in Windows 98

5. Events - New--Mobile & Wireless Road Show!

6. New and Improved - Roam with Your Laptop - Submit Top Product Ideas

7. Contact Us - See this section for a list of ways to contact us.

==== Sponsor: Software Pursuits, Inc. ====

Need a reliable, high-performance replication solution? Replicate and synchronize files between servers and PCs across LAN, WAN, FTP, and TCP/IP connections. SureSync gives you the control to minimize the impact of data replication and synchronization with improved performance. Advanced features such as real-time replication and synchronization, delta copying, file compression, QoS, and multicasting; ensure replication will be fast and unobtrusive. Protect, recover, share, and distribute files with ease and greater efficiency. Download a Free, fully-loaded 30-day evaluation.


Editor's Note: We'd like your opinion about Windows Client UPDATE!

To improve the editorial quality of this email newsletter and determine the best delivery format, we need your feedback. Please take some time to answer our online survey. The survey gives you the opportunity to provide feedback in one online survey about all the Windows & .NET Magazine Network newsletters to which you subscribe. We appreciate your time, and we look forward to reading your comments. To answer the survey go to

==== 1. Commentary: Problems with Network and System Upgrades ====
by David Chernicoff, [email protected]

I'm detecting a growing tide of discontent among the least technically literate of Microsoft product users. My Inbox has been pummeled with email from users complaining that their companies are disrupting their lives and, more important, their work as IT departments prepare to rip out functioning networks and replace them with the latest server OS from Microsoft. Many of these users are complaining because they don't understand why a change in server OS requires a change in desktop OS. The most vocal of these users are the folks who have upgraded their systems in the past year or so and don't understand why their new OS is so slow.

After following up with many of the readers who contacted me, I found a similar enterprise scenario: a moderately large network (from 250 to 750 users) running Windows NT Server 4.0 as the network OS, clients that are primarily Windows 98 Second Edition (Win98SE), and-- here's the kicker--client hardware that has been replaced within the past 18 months with technology that was cutting edge at the time of replacement. The one really curious element in the scenario is that, in every case, the new computers (Intel 1.7GHz Pentium 4 or better systems) have no more than 128MB of memory.

I realize that when you buy a couple of hundred computers, saving $100 per computer is pretty important. And I'm sure that when these new computers were specified, no one was concerned about running Win9x in 128MB of memory; for that generation OS, 128MB is an adequate amount of memory. But the common thread in the complaints I investigated is clear: Users have been upgraded to Windows XP, the migration went smoothly, all the applications and data files are where they're supposed to be, and computer performance has slowed noticeably.

The most vocal complainers are users who have been migrated from Office 97 to Office XP. Because the behavior of the Office applications has changed significantly over the years, these users feel that they have been shortchanged. It's hard to disagree with them. Running Office XP and XP Pro with 128MB of RAM is on the dark side of acceptability. The XP Pro OS and Office suite will work with 128MB of RAM, but when you try to use multiple applications at the same time--say, a spreadsheet and a Microsoft Word document--the performance hit is apparent. Add that to the disk swapping that XP loves, and you come up with annoyed users who are wondering why the hard disk light on their computer starts blinking whenever they try to do just about anything.

Memory is cheap at the moment, but the manpower required to open every user's PC case, not to mention the disruption of multiple users' workday, isn't. You need to take these costs into account when you plan network and user upgrades. Because the biggest cost is in the upgrade process itself, make sure that you don't skimp on memory: That 2GHz Pentium 4 system with 512MB of RAM had better be enough to accommodate the next generation of the OS and productivity suite.

==== Sponsor: Insider Training ====

WIN $25,000 IN FREE CLASSES AT INSIDER TRAINING QUALITY, AFFORDABLE, TRAINING! Insider Training has revolutionized IT learning. We have merged the best of LIVE classroom and self-paced training into a powerful, Internet-based learning system. Insider Training offers: LIVE, hands-on labs; small class sizes for powerful instructor/student interaction; thousands of pre-certification testing questions; access to all indexed, recorded live sessions and correlating materials for up to 90 days after training ends! To sign up for this promotion or to view our DEMO go to:


==== 2. News & Views ====
by Mark Joseph Edwards, [email protected]

Microsoft Patches Leave Systems Insecure and Break RAS

Users are reporting problems with two of Microsoft's recent security hotfixes that patch problems with remote procedure call (RPC) and Windows file management functions. On July 16, the company released Microsoft Security Bulletin MS03-026 (Buffer Overrun In RPC Interface Could Allow Code Execution), along with an associated patch for all Windows OSs except Windows 9x. The vulnerability is severe because it could let intruders execute code of their choice on an unprotected system; the problem could also let an intruder obtain a remote command shell.

Research groups have released demonstration code on the Internet, which increases the risk that someone might launch a wide-scale attack, possibly using worm technology. However, users who block access to port 135 or disable Distributed COM (DCOM) by using dcomcnfg.exe are better protected against attacks. Installing the recent patch without protecting port 135 or disabling DCOM might not offer enough protection.

At least one user has reported on NTBugtraq that even with the patch installed, his Windows 2000 system (with Service Pack 4--SP4) was still vulnerable to Denial of Service (DoS) attacks against port 135 when he used demonstration code to test the vulnerability. At least one user confirmed similar problems on Win2K but added that his Windows XP Home Edition system wasn't vulnerable to DoS attacks after installing the patch. The DoS occurs because of a crashed svchost.exe process.

The idea that DoS attacks might still be possible even after users load the patch clearly points out the value of demonstration code. It lets researchers verify problems and test vendor patches that could prove to be faulty. Even if the bad guys can get their hands on the code, it's nothing new. Security advice has been the same for decades: Staying on top of security news and security patches is the only way to stay protected. In other words, security through obscurity is no security at all.

On July 23, Microsoft issued another patch associated with Security Bulletin MS03-029 (Flaw in Windows Function Could Allow Denial of Service) regarding a flaw in a Windows file-management function. The problem affects Windows NT 4.0, including NT 4.0 Server, Terminal Server Edition (WTS). Several NTBugtraq users reported that after installing the patch, their RAS stopped working properly. Most users found that uninstalling the patch corrected the RAS problems; however, as of this writing, Microsoft hasn't pulled the patch from its download site, nor has it warned users that installing the patch might break RAS.

The problem was discovered by @stake, which issued a security bulletin regarding the matter. The bulletin is much more informative than Microsoft's. According to @stake, the vulnerability actually pertains to NT 4.0's file-naming process. @stake's advisory states, "The flaw can cause heap corruption to occur when a long string is passed to the file name functions. This results in the program calling the NT 4.0 file name processing functions to crash."

One attack vector pointed out by @Stake is IBM's Java Virtual Machine (JVM), which can pass a long string that in turn causes a DoS to occur because of an access violation. The vulnerability could let a remote user cause the DoS if Java is enabled on an affected system.

==== 3. Announcements ====
(from Windows & .NET Magazine and its partners)

Exchange 2003: Do You Plan to Migrate or Wait?

Windows & .NET Magazine and Aelita Software would like to know about your organization's plans to migrate to Exchange Server 2003. Take our brief survey, "Windows & .NET Magazine: The State of Exchange Migration," and sign up to receive a free white paper titled, "Upgrade or Migrate? Deployment Options for Exchange 2000/2003." Give us your feedback today!

Windows & .NET Magazine Connections Launches Exchange Event

Windows & .NET Magazine Connections will co-locate with Exchange Connections 2003. Stay competitive and invest your time to keep pace with technology. Learn the latest tips and tricks from gurus like Mark Minasi, Mark Russinovich, Tony Redmond, and Sue Mosher. Register now and get both conferences for the price of one--plus lock in your $300 early bird discount. Go online or call 203-268-3204 or 800-505-1201 for details.

==== 4. Resources ====

Tip: Working Around OS Reactivation in XP
(contributed by David Chernicoff, [email protected])

A friend of mine who had done a by-the-the-book system repair on his Windows XP computer called me in a panic. He was freaked because his system was prompting him to reactivate the OS. I reassured him that this behavior is by design because the repair process replaces the system license file. I told him to go ahead and initiate the Internet reactivation. He did so, with no further problems.

If you're worried about OS reactivation or need to run a repair when you don't have Internet access, you can make a copy of the system license file (wpa.dbl) which is in the \winnt\system32 folder, before you run the repair. After the repair finishes, copy wpa.dbl back to the system32 directory and you won't need to reactivate. Be aware that this process works only with retail copies of XP.

Featured Thread: Problem with Group Policy in Windows 98

Forum member Lytus created a Group Policy on a Windows 98 machine to lock down various items on the desktop and in the Start menu. He needs to use a logon script to install the new policy on multiple machines in System Tools. He has run the grouppol.inf file and added the appropriate registry entries, but when he goes to System Tools on a target machine, the Group Policy check box is cleared and he can't find the new policy. If you can help, join the discussion at the following URL:

==== 5. Events ====
(brought to you by Windows & .NET Magazine)

New--Mobile & Wireless Road Show!

Learn more about the wireless and mobility solutions that are available today! Register now for this free event!

==== 6. New and Improved ====
by Sue Cooper, [email protected]

Roam with Your Laptop

GlobeSoft released MultiNetwork Manager (MNM) 6.5, software that lets roaming users configure their laptops to connect to network environments in different locations. You can use MNM for client sites or wireless or home networks, and users can change connections at startup or on the fly. The application configures network connectivity settings for IP addresses, gateways, DHCP, DNS, WINS, Proxy, multiple domain controllers (DCs), and network clients. It also provides Windows NT security settings for non-administrators, Microsoft Outlook and Outlook Express support, switching for IP/DHCP without rebooting in Windows 2000, a system tray support environment, and DUN integration and mapping of network drives and default printers.

New features include wireless LAN (WLAN) support, a component for switching custom registry entries, and a boot time application (BTA) that doesn't rely on Graphical Identification and Authentication (GINA) technology. MNM doesn't interfere with other applications' desktop switching features. MultiNetwork Manager 6.5 supports Windows XP-Tablet/XP/2000/NT/Me/9x. Pricing starts at $36 per user; volume discounts are available. Contact GlobeSoft at [email protected]

Submit Top Product Ideas

Have you used a product that changed your IT experience by saving you time or easing your daily burden? Do you know of a terrific product that others should know about? Tell us! We want to write about the product in a future Windows & .NET Magazine What's Hot column. Send your product suggestions to [email protected]

==== Sponsored Links ====

AutoProf Jerry Honeycutt Desktop Deployment Whitepaper;5790077;8214395;s?

CrossTec Free Download - NEW NetOp 7.6 - faster, more secure, remote support;5930423;8214395;j?


==== 7. Contact Us ====

About the newsletter -- [email protected] About technical questions -- About product news -- [email protected] About your subscription -- [email protected] About sponsoring UPDATE -- [email protected]

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.